sokai/mynixos-config
1
1
Fork 0
forked from mirrors_public/oddlama_nix-config
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: use kanidm secret provisioning

Browse source
This commit is contained in:
oddlama 2023-08-27 01:17:11 +02:00
parent 522de920bb
commit 7c48e51320
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
9 changed files with 126 additions and 105 deletions
Download patch file Download diff file Expand all files Collapse all files

7
hosts/ward/microvms/forgejo.nix
View file

@ -20,6 +20,13 @@ in {
inherit (config.services.gitea) group;
};
# Mirror the original oauth2 secret
age.secrets.forgejo-oauth2-client-secret = {
inherit (nodes.ward-kanidm.config.age.secrets.kanidm-oauth2-forgejo) rekeyFile;
mode = "440";
inherit (config.services.gitea) group;
};
nodes.sentinel = {
networking.providedDomains.forgejo = forgejoDomain;